On 31.08.2017 20:07, Rick Moen wrote:
> Having the i.MX6 ori.MX8 CPU 'separate' from the baseband controller
Does it have to be an mx6 ? okay, open gpu drivers, but perhaps a little
bit expensive and produces a lot heat.
> (a term on which they have not yet elaborated), but the latter remains
> deeply problematic, being a proprietary black box with proprietary,
> opaque firmware.
#1: isolate them as much as we can, power on only if required, no direct
connections to other vital devices, eg. main memory, storage, ports,
mic, etc - for some interfaces eg. i2s we could even add an extra
tamper detection (when baseband attempts to read audio stream)
or just inject fake data when no actual call is running (w/
cell calls you can safely assume being wiretapped)
#2: reverse engineer the firmware and find leaks for the time we need
to strike
#3: write our own open firmware (that might also be useful for existing
phones out in the wild - maybe even roll out via a virus)
> The WiFi and Bluetooth chips and firmware are apparently also black
> boxes.
Don't let them do the encryption part, just let them be dumb switches,
until we have our own firmware.
> https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy
They suggest firefox ... recent versions (at least since 52) have
built-in malware. I've already removed larged parts of it (yet
very experimental and untested) - still need a strategy to align
w/ upstream.
MSF has already made it perfectly clear they'll never accept any patches
for that and continue their path (already threatened me personally)
--mtx